VIEW
POINT
BUZZ
Vo l u m e 3
Vo l u m e 3
Issue 7
Second, cloud security is becoming switching to or starting to use the cloud, additional holes for malicious actors
more complex by the day. As cloud virtual patching is convenient and easy for and other threats to slip through
investment increases, stakeholders’ them to use instead of shutting down entire the cracks. Nearly 25 percent of
focus on end-to-end security must projects. businesses use cloud hosts that lack
improve
as
well.
Cybercriminals
the
proper
high-priority
security
But cloud is not all silver
linings patches in public cloud environments.
premise servers to cloud servers. One vulnerabilities and
What’s presently worrying is that many companies today still don’t have environments are the insecure account a sound strategy for protecting their credentials and other insider threats. cloud environment, many of whom These allow cybercriminals to easily log in think the security responsibility lies and pilfer the data within the cloud. with the cloud service provider, which Shadow IT is particularly dangerous to the can severely impact performance,
is not true. security of the cloud too. Shadow IT, also impeding legitimate user processes
At the same time, emerging threats known as stealth IT or client IT, refers to and tasks in the cloud.
designed to compromise the cloud systems that are installed and created security without approval from the IT department. Many enterprises are still hesitant
environment standards like the EU’s General Data This leads to a situation where many Protection Regulation (GDPR) are devices and applications are shrouded making cloud security more complex in a cloak of invisibility, leaving them than unprotected by enterprise security. Today,
usually flock to where the data
resides, and it’s not inconceivable
that their focus is shifting from on-
18
Issue 7
VIEW
POINT
BUZZ
before,
and
new
posing
challenges
issue
that
continues
for
to create
enterprise cloud
only 7 percent of businesses can say with
Third, virtual patching is becoming a confidence that they have good visibility
as cloud infrastructures – just like
on-premise ones – constantly need
across their cloud-based data. The vast
majority of successful breaches – around
80 percent – rely on the use of privileged
to be patched. With conventional account credentials.
patches, operations Security
and
projects
need to be interrupted in order to
issues
can
another threat to cloud platforms
resources.
Cryptojacking
happens when cybercriminals usurp
precious cloud resources to mine
cryptocurrency. While it may not
look particularly malicious at first
blush, in the long run, crytojacking
everywhere.
must-have cybersecurity technology
Last but not least, cryptojacking is
about making the leap to cloud
servers, mistakenly
thinking
that
cloud is not as secure as the physical
servers. To the contrary, numerous
reports and experience from more
cloud-advanced
countries
have
shown that the physical location of
your data matters less than the means
of access. At the end of the day, you
need to apply the rigors around
security, whether you’re using cloud
also
arise
from
or physical servers.
inconsistent patching, which can create
download or install the patch. This
is inconvenient for companies that
are in the middle of a very important
project. Virtual patching protects the
parts of the project that must remain
uninterrupted so that companies can
continue their work while at the same
time also update their infrastructure.
With more and more businesses
CISO MAG | July-August 2019
The opinions expressed within this article are the personal opinions of the author. The
facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO
MAG does not assume any responsibility or liability for the same.
CISO MAG | July-August 2019
19